New attack vector – Man-in-the-Browser Malware

OWASP has a good description of Man-in-the-Browser or MITB attacks.


I am trying to explain it with an image (this is a fictional account):

1. The Customer (a person trying to use a financial website) goes to the “Bank in USA” website.

2. The “Bank in USA” sends information to create a web interface for the Customer.

2a. The malware notices that the Customer is going to the “Bank in USA” site and adds a fake input field to the page in the browser (in the image, it is a driver's license number).

3. The Customer enters the username and password and/or driver's license number.

3a. The malware captures the driver's license number, username and password, and sends the information to a drop server that the criminal accesses.

3b. A separate command-and-control server (run by the hacker) can also modify the malware, if it is set up in that manner.
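
One way a site could notice the extra field from step 2a, shown as an added example that is not part of the original post or any bank's code: compare the form controls in the rendered page against the list the server actually sent. The allowlist, the field names (`csrf_token`, `drivers_license`) and the sample markup are assumptions constructed for illustration.

```javascript
// Added example: field names and sample markup are constructed.
// Assumed allowlist of the controls the bank's login form really contains.
const EXPECTED_FIELDS = new Set(["username", "password", "csrf_token"]);

// Extract the names of input/select/textarea controls from a form snapshot.
// A control with no name is reported too, since script can still read it.
function fieldNames(html) {
  const names = [];
  const tagRe = /<(input|select|textarea)\b([^>]*)>/gi;
  const nameRe = /(?:^|\s)name\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/i;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attr = nameRe.exec(m[2]);
    names.push(attr ? (attr[1] ?? attr[2] ?? attr[3]) : `(unnamed ${m[1].toLowerCase()})`);
  }
  return names;
}

// Return the controls present in the rendered form that the server never sent.
function findInjectedFields(renderedHtml, expected = EXPECTED_FIELDS) {
  return fieldNames(renderedHtml).filter((n) => !expected.has(n));
}

// Constructed samples: the form as served (step 2) and as altered (step 2a).
const SERVED_FORM = `<form action="/login" method="post">
  <input type="hidden" name="csrf_token" value="x">
  <input type="text" name="username">
  <input type="password" name="password">
</form>`;
const TAMPERED_FORM = SERVED_FORM.replace(
  "</form>",
  '  <input type="text" name="drivers_license">\n</form>'
);

// Browser wiring (skipped outside a browser): check the live form on submit.
if (typeof document !== "undefined") {
  document.addEventListener("submit", (e) => {
    const extra = findInjectedFields(e.target.outerHTML);
    if (extra.length > 0) {
      e.preventDefault(); // keep the user from submitting a tampered form
      console.warn("Unexpected form fields:", extra);
    }
  }, true);
}
```

Because the malware runs inside the same browser, it can interfere with a client-side check like this one, so treat a hit as a signal rather than a guarantee. The same allowlist comparison can be applied on the server to the parameter names of each login request.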

This is a new level of danger that all people must be aware of.

Please distribute to anyone who needs it.

Simply put, if your financial company's website has “grown” new questions about your personal identity, be aware that this may not be the financial company that you want to work with.

Trusteer explanation: Man-in-the-Browser (MitB), also called webpage injection and tampering.

Here is a YouTube video about MitB by Trusteer.